Re: inet: frags: Turn fqdir->dead into an int for old Alphas

From: Paul E. McKenney
Date: Sat Jun 08 2019 - 14:18:55 EST

Next message: Guenter Roeck: "Re: [PATCH 4.14 00/69] 4.14.124-stable review"
Previous message: Martin Blumenstingl: "[PATCH v2 03/14] pwm: meson: use GENMASK and FIELD_PREP for the lo and hi values"
In reply to: Paul E. McKenney: "Re: inet: frags: Turn fqdir->dead into an int for old Alphas"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Sat, Jun 08, 2019 at 10:42:41AM -0700, Linus Torvalds wrote:
> On Sat, Jun 8, 2019 at 8:32 AM Paul E. McKenney <paulmck@xxxxxxxxxxxxx> wrote:
> >
> > On Fri, Jun 07, 2019 at 09:19:42AM -0700, Linus Torvalds wrote:
> > >
> > > - bitfields obviously do need locks. 'char' does not.
> > >
> > > If there's somebody who really notices the alpha issue in PRACTICE, we
> > > can then bother to fix it. But there is approximately one user, and
> > > it's not a heavy-duty one.
> >
> > C11 and later compilers are supposed to use read-modify-write atomic
> > operations in this sort of situation anyway because they are not supposed
> > to introduce data races.

Apologies, I should have explicitly stated that I was talking about char
stores, not bitfield stores. And last I checked, the C11 standard's
prohibition against data races did not extend to individual fields within
a bitfield. So, yes, for bitfields, the programmer must use a lock or
similar if it is necessary for updates to fields within a bitfield to
be atomic.

> I don't think that's possible on any common architecture. The
> bitfields themselves will need locking, to serialize writes of
> different fields against each other.

Yes, and again the C standard doesn't make any atomicity guarantees
regarding storing to different fields within a bitfield. The compiler is
free to assume that nothing else is happening anywhere in the bitfield
when storing to a field within that bitfield. Which gets back to your
"bitfields obviously do need locks", and it is of course the developer
(not the compiler) who must supply those locks. Plus a given lock must
cover the entire bitfield -- having one lock for half the fields within
a given bitfield and another lock for the other half will break.

Switching from bitfields to char, the C standard -does- require that
storing to one char must avoid even momentary corruption of adjacent
char, so given an old Alpha the compiler would need to use something
like an LL/SC loop. If it fails to do so, that compiler is failing to
comply with the standard.

> There are no atomic rmw sequences that have reasonable performance for
> the bitfield updates themselves.

Agreed, in the general case. In a few specific special cases, we do
sometimes hand-craft bitfields using shifts and masks, and sometimes
we use atomic RMW operations to update them. I suppose we could use
unions as an alternative, but it is not clear to me that this would
help anything.

> The fields *around* the bitfields had better be safe, but that's
> something we already depend on, and which falls under the heading of
> "we don't accept garbage compilers".

And the C standard does require the compiler to make that guarantee, so
for once the standard is even on our side. ;-)

Thanx, Paul

Next message: Guenter Roeck: "Re: [PATCH 4.14 00/69] 4.14.124-stable review"
Previous message: Martin Blumenstingl: "[PATCH v2 03/14] pwm: meson: use GENMASK and FIELD_PREP for the lo and hi values"
In reply to: Paul E. McKenney: "Re: inet: frags: Turn fqdir->dead into an int for old Alphas"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]